NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] SMTP security server logging



Hi,

I was wondering if anyone could help me with this problem.  I'm running 2
firewalls, both on Solaris 2.6 and both running FW-1 version 4.0 SP5.  I'm
using the SMTP security server to check incoming mail to our mail server
with a resource that only allows mail to our domains. The rule looks
something like this

Source : Any   Dest : Our mail server  Service : SMTP with Resource
(recipient = *@ourdomain.com)  ACCEPT

In the SMTP resource, in the security policy, I have specified a mail server
by IP address but no error server.

I get this problem on both firewalls where there's lots of error messages
being generated in the /etc/fw/asmtpd.log file, as much as 5 Meg a day is
logged to this file, at the bottom of this e-mail is an example of part of
the log showing the kind of error messages I'm getting.

The main bulk of the errors are the ones that say Bad file number (see end
of e-mail).

resolver_gethostbyaddr() failed.: Bad file number

I have my /etc/fw/conf/smtp.conf file as follows

timeout 900
scan_period     2
resend_period   180
abandon_time    432000
maxrecipients   100
rundir  /etc/fw/spool
postmaster      postmaster
default_server
error_server    ..xxx.xxx

where xxx.xxx.xxx.xxx is the ip address of a mail server.

my /etc/nsswitch.conf file is setup with the line

hosts:      files dns

for host resolution, as far as I can see this is okay.

I'd be very grateful for any suggestions.

Thanks & Regards,
Paul.

<---------- Part of log file (internal IPs replaces with x's ---------->

14:02:17 fd: 114 src: 206.191.0.217 dst: xxx.xxx.xxx.xxx   Connection
prematurel
y closed.
resolver_gethostbyaddr() failed.: Error 0
14:02:17 fd: 181 src: 63.205.145.74 dst: xxx.xxx.xxx.xxx   Connection I/O
failur
e.
14:02:17 fd: 169 src: 205.180.135.66 dst: xxx.xxx.xxx.xxx   Connection I/O
failu
re.
resolver_gethostbyaddr() failed.: Bad file number
resolver_gethostbyaddr() failed.: Bad file number
resolver_gethostbyaddr() failed.: Bad file number
resolver_gethostbyaddr() failed.: Bad file number
14:02:32 fd: 25 src: 195.12.176.60 dst: xxx.xxx.xxx.xxx   Connection aborted
by
peer.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.